Tuesday, November 27, 2012

West Coast Productions, Inc. v. Does 1-448

Robby T. Cook - Attorney at Law
3:12-cv-01277-HLA-JRK
West Coast Productions, Inc.


Another Porn bittorrent case.  This time targeting 448 People.   

At the risk of sounding like an advertisement, contact me today for representation.  As always, the consultations are free.

Thursday, November 15, 2012

Bait Productions Pty. Ltd. v. John Does

An attorney by the name of Richard E. Fee of Fee & Jeffries PA has filed more than a handful of lawsuits in the United States District Court for the Middle District of Florida.

The Plaintiff in this case is Bait Productions Pty. Ltd. and these (now fourteen) cases target on average about 50 people at a time.  As of today's date, Bait Productions Pty. Ltd. appears to have filed 14 cases, and are therefore targeting close to 500 or 600 people.  This means that roughly 100 or 150 innocent internet subscribers will be targeted in these cases.

Some of the the case numbers are listed here:

8:12-cv-02464-VMC-MAP
8:12-cv-02470-JDW-EAJ
8:12-cv-02468-JSM-MAP
8:12-cv-02466-MSS-MAP
3:12-cv-01205-MMH-JBT
6:12-cv-01637-GAP-DAB
8:12-cv-02556-MSS-TGW
8:12-cv-02555-JDW-TBM
8:12-cv-02554-MSS-TGW

My sense of humor means I can't help but point out the two parts of these cases which are naturally funny.  First of all, in the movie Dragnet (1987) starring Tom Hanks and Dan Aykroyd there was a pornography company named Bait.  Dabney Coleman played the part of a Satan worshipping pornographer named Jerry Caesar who ran the company that produced Bait magazines.  The portrayal of a rich pornographer in his mansion by this star of Short Time is how I like to think they all live.   Notice how Dabney Coleman is the victim of a crime, just like pornographers who have their content stolen online.

The second part of the cases which is naturally ironic is the term "Bait" which of course is what is happening in these cases.   People are being baited, and whether they are guilty of copyright infringement or not, people will be extorted for larger amounts than are fair and equitable, or in the case of the innocent internet subscriber, simply extorted.  

Bait Productions appears to be an Australian company and to have made a movie called "Bait".  They have had a registration in Australia since 2010.   I have not seen much movement on these cases at this point, but it is certain that the demands and notices from the ISP's will be coming soon.   Just in time for Christmas.  Ho ho ho.    http://www.imdb.com/title/tt1438173/

From IMDB :A freak tsunami traps shoppers at a coastal Australian supermarket inside the building - along with a 12-foot Great White Shark.  4

5 Stars.

As always, my website www.syfert.com contains the FAQ which is still relevant to all John Doe cases. 




Thursday, September 13, 2012

Lightspeed Media CFAA Lawsuits and Guava v. Skylar

Let's call things like they are in the Lightspeed Media lawsuits.  People are using web browsers to access pornography through a website.

They generally get to these websites by using "porn password" webpages when looking for free pornography online.  Sometimes these passwords are included in a URL, for example http://user:password@URL.com/

Generally, the people who run these websites make their money off of advertising, and obtain their passwords from a wide variety of common hacking methods.



Tuesday, August 7, 2012

Comcast Granted Interlocutory Appeal in Nationwide Jurisdiction ISP Subscriber Information Case


It is a rarity among the federal courts for an interlocutory appeal to be granted in an issue regarding early discovery, however, it appears that Comcast has been granted an appeal as to the constitutional issues regarding jurisdiction and joinder.  

It should be noted that Comcast must have put up a substantial fight to get Judge Howell to grant an interlocutory appeal on these two issues, and attorneys from Comcast believe they will have some measure of success at the appellate level that they have been unable to achieve in the District court.  


The order by Judge Beryl Howell is located in the link above.

Comcast lawyers will be arguing the points originally raised in my Motion to Quash and Motion to Dismiss forms that I posted nearly two years ago, but with decidedly more elaboration, I hope.

We may soon have a ruling from an appellate court regarding jurisdiction and joinder at the "John Doe" level of the bittorrent lawsuits.

Wednesday, August 1, 2012

Cloud Computing and Attorney Ethics: Virtual Files in the Ether and Sharing with Laypersons and Laycomputers

Can attorneys work in "The cloud"?

A recent article in the Florida Bar News, August 1, 2012, written by Gary Blankenship brings up an interesting problem being discussed by the Bar's Professional ethics committee regarding the confidentiality of client information and the use of cloud computing.

"On the cloud computing issue, committee members said there are concerns because attorneys are placing confidential client information in the custody of third parties. . . . "This is an emerging area that lawyers are reading into without any idea of what they are getting into," said Steven Teppler.  "There are no guidelines, because there are no standards out there for security, and there's no real way you can do your homework to be sure you are comporting with the ethical rules."

The article also stated that it was unlikely the committee would rule that cloud technology is improper to use, but that regulations needed to be put in place.

Judge Jim McCune in Marion county summed up the issues best when he stated:  "There's a lot more to [the ethical issues] than meets the eye.  Cloud computing gets outsourced to India and other places, and there's issues about whether you can repatriate your data that has been sent to those foreign places.  Really, we all need some guidance on this."

When the HIPPA act was produced, technology was at its infancy.  HIPPA has been a blessing or a curse to many within the health care industry.  It created numerous regulations which has lead to numerous impractical and unforeseen results due to overbearing policies that do not change along with technology.  Other than just another pointless rumination within a blog post, the purpose of this article is at least voice a protest in the event that knee jerk reactions to ridiculous results in the future, and to avoid the costs of regulation and increased technology costs for law firms.

What is the Cloud, really?  

The "Cloud" is a buzzword designed to create excitement around ye olde internet.  Even though it is a buzz word designed for the sale of products, it is no different than the internet of old.  Every Florida bar member who conducts business through e-mail by logging into a Yahoo account or Gmail account is already conducting business in the cloud.  If you use that e-mail account to communicate with clients, then you are using cloud based storage of confidential client communication.

In fact, if you have an internet line running into your office, and it is connected to computers that use the internet for research you are using "the Cloud."  If you use the internet for research through sites like Westlaw or Lexis-Nexis, you are leaving tracks behind (your browsing history) and these tracks are in possession of Westlaw or Lexis-Nexis's "cloud."  These searches could reveal confidential concepts and ideas pertaining to defenses of cases, and if these are labeled by case or client, as is such a feature on both websites, Lexis-Nexis and Westlaw could be storing more information about intended litigation arguments and issues than would be noted in a typical client file.

Cloud computing, in general, is based in the idea that as internet speeds increase, entire programs can be run from a web browser.  The content created with those programs, can be stored remotely, and generally gives options to create a local copy.  Soon, with the increase in speed, we will see a world where the installed software on a PC will be limited to providing access to the internet so that cloud based applications can be accessed.  Although they will be much more powerful devices than the dumb terminal, of old times, the essential concept of the computer being simply a conduit to display information from other more powerful computers is the same as a "dumb terminal."  The benefit of the cloud is an expected savings to the consumer by replacing the need to host a server, purchase software.   It provides for easy collaboration, and easy access, generally, from multiple kinds of devices.

Even though the concept behind the cloud is new, the technology that drives the ideas behind "the cloud" is nearly fifteen years old.  However, due to slow internet speeds, these products and programs were not feasible for use by the general public.   Because the technology and idea behind cloud computing is "old" (in technology terms) it has solidified for me that "Cloud" is a buzzword.  The popular adoption of the term "Cloud" is simply a word for "Data stored on the internet, not stored on local drives."

Common Cloud Services

Cloud services are in their infancy.  Currently, most Cloud services are used for backup of local data.  As time progresses, more and more edits will be done remotely on that data by web applications.  These would include Dropbox, Google Drive, iCloud, and other related services which allow for the storage of documents.  iCloud use to operate differently than it does now, as the "iDisk" portion of that service has now been removed and they have switched to more of a "Google Docs" approach.  Google Docs on the other hand has changed their service to be more like the now defunct iDisk.

Backing Up Data

Guidelines regarding the backing up of data on a webserver do not exist currently for attorneys.  Many attorneys are looking more to the cloud to share information.   The key issue of the security of data lies in the ability to encrypt transmission and communications.

One brief real world illustration of potential pitfalls of cloud computing:  I created legal forms which I sold for $19.95 to anyone interested in purchasing the forms.  Because I first designed them to be shared with attorneys, I placed my documents onto Google Docs so that other attorneys could have free reign to edit and copy the material as needed for their particular case.  The documents that I uploaded to Google Docs were shared among a large group of attorneys, for anyone to edit, share, or collaborate on.

An attorney in another state then used Google Docs to make changes to my motions, adding his client name, the case number.  Because Google Docs automatically saves the changes, his online edits were published to any and every other attorney that had access to the forms.  Ultimately the changes made by the attorney to my documents were to become public record in litigation, and I am a disinterested party but the real world example illustrates a need for file permissions.

Two common sense rules that emerge from both of my comments:
1)  All data that is concerning client information transmitted over the internet shall be transferred, in secure fashion, using 128 bit or 256 bit encryption for transmission.
2)  All data concerning client confidential information should be set with permissions so that it is only accessible by employees of the firm.

HIPPA pointed out that e-mails or web traffic sent which contain patient information should be encrypted.  See http://www.ama-assn.org/resources/doc/psa/hipaa-phi-encryption.pdf   Along those lines, they have also suggested that the method of storing data should be such that it is in an encrypted form.  They make suggestions as to the encryption of local folders.  The publication I linked, also contains information concerning the fact that if transmissions are encrypted, and if local documents are encrypted, then a security breach does not need to be disclosed to patients.

In fear of HIPPA compliance, and increasing reliance on the internet, most small health practices have adopted a policy of not allowing ANY communication from their servers that is not encrypted.  Encryption, however, is good policy for data security, but if a hacker wants the data, they will obtain the data despite the encryption by obtaining the encryption key or the password which is associated with the data.  HIPPA's requirement or suggestion of local encryption of data is overkill, as local file permissions should be sufficient to prevent "casual intruders."  Most hacks concerning locally stored data will not be overly concerned with encryption (especially like Microsoft EFS) because once access is gained to the account that encrypted the information in the first place, all of that data will be decrypted.  To put it in the simplest of terms, your Yahoo or Gmail account is "Encrypted" so that others can not view it.  However, once a hacker has your email password or otherwise has access to your account, he can view all your e-mails in an unencrypted form.

Gdrive, dropbox, and other "cloud based" backup tools generally provide for encryption of uploaded and downloaded material.  They do not provide encryption of data, but they do not allow for the free dissemination of information, unless such permissions is checked.

In short, unencrypted storage of data should be permissible, even in the cloud, as long as such information is stored in a manner where it is not freely available to the outside world and steps are taken for prevention.

In the middle of writing this blog post, a fellow by the name of Bradley Wallace, in Raleigh, NC, whose number is 919-809-7121, called me.  It was such a coincidence, that thought I had to mention him.  He was calling and trying to sell me on the fact that his cloud based system, sharefile, would assist in the new e-service rules that take effect September 1st.  He began discussing about how the incoming e-mails can be automatically indexed and stored.

I began quizzing him relentlessly about the methods of encryption, and as to whether the storage was encrypted as well as the traffic.  He sweated through my interrogation with a positive attitude and confidence of a man who had been on the phone all day being rejected by Florida attorneys who were uninterested in taking on a new expense.  I include his phone number here not to punish him, but instead to say:  Hey, this guy has a product that might be ethical per se.  It is HIPPA compliant.  They are filling a niche by providing encryption of both data and traffic, and have a customized agreement suited for that purpose, unlike Google Drive.  I do not believe attorneys need a full HIPPA compliance, but I do think that if it is HIPPA compliant it would be per se ethical.  So, you Florida attorneys out there can call Bradley and see if he can show you what the system can do as far as automatic sorting of e-served documents into file folders.  I have my own ideas on the matter.

It is August 1st, 2012, and while my e-mail address is on all my pleadings, I have approximately 50 cases where I do not have an e-mail address for service on opposing counsel.  I have no belief that I will receive an e-mail address from these attorneys before September 1st.  Especially the Plaintiff's foreclosure lawyers, where in pleadings the names of many attorneys appear, but not one real point of contact.


Websites

Clients initial interaction, at least for me, generally start at my website.  I currently have about four active domain names that I am running, and only one of them has 256 bit SSL encryption.  I use this domain name that currently has an SSL certificate installed for all client communications through the web.  Needless to say, any client communication which takes place through a website should be encrypted.  It is incredibly rare for me to find any attorney website which has an SSL certificate installed.  It can cost a lot of money.

It should be equally as rare for me to find an attorney site which has a "Contact us" or "Chat now" button, but it is not.  Any site with this sort of function should For an illustration, if I look at the websites of the two top personal injury attorneys (or at least the top advertisers for personal injury cases) in Jacksonville, all of them have a "Contact us" page where client information is to be filled out.  Neither of them have their contact form encrypted, and neither of them have the suggested disclosure to potential clients, that information submitted through the website is submitted in an unencrypted form which may be viewed by third parties.

As of the time of this writing, I clicked on the "Chat now" button on one of the websites, and looked at the protocol and confirmed that the chat session that was initiated was insecure, and had no SSL encryption or other security protocols.  These "chat now" functions are web based applications which use old protocols that used to be driven by software which would be located on your computer.  Now that web based applications have been invented, they are being placed on attorney websites as a way to create more customer interaction.  Implementation, even among the most apparently wealthy and well to do attorneys, has been done in a manner of shoot first and ask questions later.  Feeling like they need to adapt or die, attorneys are paying for web development and customer interaction integration, without asking the typical questions that would normally be required.

The fantastic entity under the Florida Bar named LOMAS has issued statements regarding unencrypted communication and have been advising attorneys to disclose a lack of encryption, for almost as long as "Contact Us" forms existed on websites.  This leads to some more guidelines which are repeats of the first one, but with a slight additions and clarifications.

3)  Client communications initiated through an attorney website should be encrypted or contain information regarding the lack of encryption.
4)  This rule should not be made to require that the domain level encryption certificates are purchased, but rather that if any content or application is embedded or included in an attorney website without a security certificate, it should be sure to run over a secure socket layer.  (A chat application can be on a website that does not have a pretty green padlock next to the URL, and still be secure if it is embedded within an insecure webpage, or somehow included in an insecure webpage.)

The McCune Conundrum

I do not personally know Judge McCune, but I hope that he has a sense of humor regarding the title of this section.  He has presented, with his statement concerning cloud based computing hosted in India, an interesting problem which to my knowledge has never been faced.  However, it is indeed a possible issue, given that "storage locker" type websites are often shut down for fear that they will be used for the purposes of piracy.  By his concern over repatriation of the data, his fear seems to be that a cloud service may host data, and then decide, for any number of reasons, not to release that data back to its original source and owner.

I didn't ask Bradley regarding the question of, "Is my data safe, even if I stop paying you?"  McCune is well positioned in his fear.  As a hypothetical, take the case of a disbarred attorney who used cloud based storage.  If the attorney simply stopped paying, and digital copies of important documents were all that existed, and the client needed a copy of that document, obtaining the data could be difficult.  I could tell you one thing, however.  If the data was encrypted, and the person who had the password died, it would cease to be just difficult to recover the data- it would instead be next to impossible.  A "permission" based password system of security should be sufficient for cloud storage.  A permission based system of security should not be sufficient for cloud storage, if it is not over an encrypted connection.

For this situation to occur, it would require an over reliance on cloud based architecture, without the existence of local backups.  This is the sort of concept and idea that makes all old attorneys cringe and hesitate to embrace the future.  Communication and access to client information is key to the operation of a law firm.  Anyone who has ever handled technology for a law firm will tell you that when the internet goes down, they are hindered temporarily.  However, when the phones go down, the law firm is outraged. One Paralegal said to me, "When the internet goes down, at least our phones still work.  Our local server still stays up so that we can do work."  With the internet goes down, or access to the internet is not available, client information may also be unavailable.  Using a cloud based "backup" system should not change the local  servers information, but as we progress more and more away from local services, the McCune conundrum becomes more clear.  What this shows is that web services should not be used as a sole method of data storage.  Unpaid bills to hosting services might mean that you can not retrieve your data or that it is deleted.  Each hosting service has its own policies regarding these matters.  If I took the time to review them it would be more like the earlier commercial when I mentioned sharedrive.

Local backups solve the McCune conundrum,

Help!  My confidential client data is in the hands of a fellow in India.

I poke a little bit of fun regarding the Judge's statement that the data might be located on a server in India.  However, he is only slightly wrong, and the truth might have scared him even more.  Most "cloud" data storage isn't located on one server in India.  In fact, the confidential client data is probably located on multiple servers throughout India, and being shifted around to different geographic locations all over the world at the whim of the cloud system administrator.  I understand that that this can make things a little more scary, but it is the truth.  See how the software, "openstack" works by visiting their website.

All of these online providers generally have agreements  Google Drive states: The rights you grant in this license are for the limited purpose of operating, promoting, and improving our Services, and to develop new ones.  http://www.trainsignal.com/blog/public-cloud-storage-privacy
In the face of the license, Google Drive has reassured all business customers that their "Private" data will remain private.   Other than the license agreement which plainly appears to state otherwise, I would imagine this would be akin to a computer technician who needs to have access to all the files, and makes you sign a waiver to that effect, but does not disclose that information.

A bizzare hypothetical:  Someone decides to sue Google and stores client confidential information on their Google Drive.  Google decides to open it under the terms of their license.  I would hate to be a judge in this situation.

The uploading of encrypted files would easily satisfy any requirements for client confidentiality.  Even to Google, this files would appear to be gibberish.  File names, however, would be able to be indexed and scanned.  How much information can be gleaned from a list of file names?  You would be surprised.  As an added complication, the great reasons to use these tools (easy search of documents, quick and effective client research and drafting, etc.) would also be negated by the encryption.

Gmail and Yahoo web based accounts are commonly used among attorneys.  That information is all scanned and used to advertise to you.  Is it necessarily a leak of confidential information?  Doubtful.

Help!  My confidential client data is in the hands of a data center in Jacksonville. Or, why we attorneys might overreact about confidential data in the cloud.

 Before cloud based services became publicly available, it was (and still is) common for Data Centers to "co-locate" a machine running Microsoft Exchange.  Those who firms armed you with blackberry's at one point or another, and had frequent connection problems to their server, probably had a co-located machine.  I could, for example, take my own web server and host it at Peak 10, my favorite jacksonville data center.  (I do not co-locate my machine though, just a shameless plug for some good folks.)

They would have access to the hard drive, and all client data if they decided to crack open the machine and take out the hard drive.  Of course, Peak 10 and other reputable establishments would never do this.  It is more likely that they would offer services software which would inspect all client data to for evidence of a lack of integrity of the data.  An absolute loss of data scares me more than my data being located in India.

Currently, cloud services are outperforming my hard drives in reliability, but I would never be without a local backup.  I don't think any attorney at this point completely trusts cloud architecture to the point where he would migrate an entire business.

In essence, cloud services, and others like it, should be allowed to be your IT guy in the sky.  You should be allowed to trust your IT guy not go snooping around where he doesn't belong, or to use or abuse private information.  Same could be said of the mailman taking important documents.  "Do they open the envelope and peek inside?"

You should, however, be able to negotiate with your cloud provider, just as you could with Peak 10 or other independent establishments who do not require click to accept, one size fits all user agreements.  The necessity for manpower to accomplish these tasks means that the large cheap providers do not have the time to custom negotiate a contract with you to protect your data.

Using a data center, or a high speed internet connection, can allow you to create your own "cloud" based services, without the need for relying on "click to accept" functions.


Help!  My confidential client data is in the hands of my employees and accessible through a local server! And, I e-mail back and forth with my clients and employees concerning secure matters.  Or, why we as attorneys are generally underreacting to confidential electronically stored data in general.

This HELP! section is probably how your firm is already set up.  You are communicating with your clients via e-mail.  While you might use an encrypted connection, you have no idea if they are using an encrypted connection unless you pre-shared a key and pre-arranged the message sending.

Original messages and data stores are kept in plain text for numerous reasons.  Some of these data stores are kept on your webserver in an SQL database.  Your "Contact Us" button, might actually contact you, but it might also be storing those incoming messages in an SQL database for later retrieval, on your website, vulnerable to hackers, through your website.  If your company intranet website uses a web based data system, accessible through a browser, your client information is being stored there in an SQL database, you might be vulnerable.  As far as data interception methods are concerned, database leaks are one of the biggest security flaws and vulnerabilities that can be experienced by a law firm.   If your law firm website is on Google, it is being scanned at least three times a week for security holes by people all over the world, no matter how small and insignificant you may think your practice would be.

An attorney in Mississippi once told me a story about someone who would steal clients from him by hacking his voicemail.  He swore up and down that a competing attorney was calling after hours, and using his default password, deleting his voicemails and taking the business.  Today's equivalent might be SQL database dump like the ones so popular in the news, or even a program that would just harvest "Contact Us" requests through a website and redirect them.  An insecurely programmed site is likely to be more common, among those who paid more for features within their website.

I already mentioned the website issues regarding client communication and a lack of SSL certificate, in both the contact forms and the web chat functions.  Even for small businesses, HIPPA prevents this.  We have no such official regulation as attorneys.  Just the tiny voice of LOMAS making a suggestion.  Honestly, such regulation would probably send attorneys scrambling to find ways to comply with HIPPA, and finding that their old reliable system of case management is no longer working how they would like it.  I do not believe we should take HIPPA type measures, but I do believe that web access should be secure from intruders based on permissions.

5)  Any attorney should take reasonable steps to ensure that client information passed over the internet is passed in an encrypted format whenever possible.


Once again, we can't be sure that the client is using an encrypted connection.  The system of e-mail is to beneficial and crucial to the process of law and open communication with clients.  However, it would be a shame to abandon it just because there is no way to ensure that your client is using unencrypted web based mail, or is using an insecure port to download e-mail to his "Microsoft Outlook" at a public wi-fi hotspot.

Although it sickens me to say it, Facebook is actually a more secure method of communication with a client than if they decided to e-mail using an unencrypted connection on unencrypted wi-fi.  If clients were so inclined to be able to receive PGP messages, this would be a decent solution.  However, this is not a solution in most cases, because most people don't know how to send "encrypted" e-mails.  Implementation of such systems, right now, would be expensive and nearly impossible.


Requiring encryption of communication traffic through a website is an additional cost that attorneys do not want to incur, but such cost would be a reasonable expenditure, in light of the importance of web traffic in a law office.  The truth is that attorneys will be wary to adopt these standards unless they are forced into adopting these standards.  I don't blame them.  The costs can be outrageous from some companies who do hosting, but a reasonable amount is more like a maximum of $100.00 per year.  Depending on hosting plans, certificates can run into the thousands.  And if you have multiple websites, it is time to shell out money for those as well.

More Realistic Threats

A law firm's confidential data, stored with a nice secure long password, is more likely to be breached by an employee or someone with physical access rather than a hacker.  Ultimately if a hacker wanted to get into your systems, and monitor all your internal and network traffic, he would gain physical access to your office and install a device which would plug into your network and begin analyzing the network traffic and allow undetectable access from the outside.

My data is as safe as I can make it, but I admit, there may be something I am overlooking.  I am not as sharp as I once was regarding the details of computer security.  I have learned one thing that will not change.  If it is digitized, then it is available for someone to take, if they want it bad enough.  The same could be said of a paper file.

In conclusion

Ultimately, a safe full of paper is much safer than using computer networks to store information.  But, we, as attorneys, are going a way that congress has decided that health care can not.  Sometimes for the better, sometimes for the worst.  The rapid communication of e-mail has changed the legal practice so much that we are adopting it for service as a preference over fax and US Mail.  It has made it easier to communicate with clients, and sometimes more difficult to communicate with opposing counsel.

-------

Now, I am preparing to design a linux based automatic filing system for saving e-served documents locally, without paying anyone.  Well, maybe sometime soon.

Oh, and I would also again like to make a public apology to Bradley Wallace, in Raleigh, NC, whose number is 919-809-7121, and tried to sell me sharedrive.  Mr. Wallace who did sweat through through my interrogation about their security and emerged on the other side looking like an overall decent guy.  He just happened to have been unfortunate enough to catch me in the middle of this post.  I swear I am not getting a kick back from sharedrive or Mr. Wallace.  The timing was just perfect, and maybe this will drive him some business and payback the bad karma I gave him early on in our call.













Saturday, July 21, 2012

Is the World Wide Web unethical for Florida attorneys? Or, why the popular websites break the rules.

I grumble like an old man so often to other people about the state of websites for lawyers and how they are used.  A colleague of mine, a worthy adversary in court, got to talking one day regarding the low public opinion of attorneys and he blamed it on one thing, and said it was "Advertising"

A third person was talking about her ex-husband saying "He's in a profession that is held in lower regard than an attorney."  Both of us chimed in at the same time, and said, "What is he, a used car salesman?"

Then my worthy adversary began complaining like an old man:  "Back in the 1970's there was a ruling and suddenly attorneys could advertise all over the place.  When this competition started happening, it was no longer based on the past experiences of clients and word of mouth, but instead, it was about who could give the best impression that an attorney can give them an edge.  Something about this soured the whole profession."

The decision was Bates v. State Bar of Arizona, 433 U.S. 350 (1977).  It highlights the flipside of the argument my adversary presented.  Word of mouth makes things just too difficult to find an attorney.  An absolute ban on attorney advertising is probably too much.  Along with this decision, the many states have come down with rules regarding attorney advertising.

Attorney commercials on television are a running joke.  In states like Florida, where the ethics are strictly regulated, attorney commercials are often considered a joke.

"The music is always so boring," one friend said.
"So, if it suddenly turned up with some heavy metal in the background, would you hire them as an attorney?
"Well, no."
"What's a better idea then?"
"To make it less sucky, I don't know,"  was her reply.
I then went on to bore her with conversations about attorney advertising regulation, and the fact that in Florida, attorneys were not supposed to use exciting music, and how in Mississippi, I saw an attorney using the phrase "turn your wreck into a check" and another who used the phrase "We get the money you deserve," as their tagline until they realized what they were saying and changed it to "We get you the money you deserve."

Rule 4-7.5 limits any background sound other than instrumental music.  Instrumental music isn't by definition boring.  See, i.e. Explosions in the Sky (Texas 2003).  However, one wonders how the commercial reviewers at the Florida bar would react to some of the raucous feedback of the howling Marshal stacks if someone where to somehow obtain a license to use a song by Jimi Hendrix, or Sonic Youth.


Florida Ethics Rules regarding Social Networking Sites

The Florida Bar Standing Advertising Committee has come down with ethics decisions regarding the use of Facebook, Twitter, Linkedin and other websites.  These rules are available in full text here:  Florida Rules Regarding Facebook, Twitter, and Linked In   I will attempt to itemize them, in some sort of statutory form, but also in the style of the twelve commandments, even though there are only three.


1.   I am the Bar, by God, which has understanding that you might use social media for personal reasons, but if you shall ever use it to promote your law firm, in Egypt:
a)  Thou shall not invite, add, or friend request persons not in your current contact list, unless they are an attorney.
b)  Thou shall not send out "public messages" from social media sites, which contains links designed to generate business or solicit legal services.
c)  Thou shall not violate rule 4-7.2

Section b) of my pretend statute above, will ultimately require an expansion.  I fully intend to tweet a link to this article, when I am done writing.  Now, most of this will only be of interest to attorneys, so I am sure I am OK when it comes to this particular article.  It will be a public tweet, but only my followers will get my requests.   It seems as if using the "@" symbol behind someone else's twitter name without their permission could get you in trouble, if you are promoting a link or a website.  What about hash tagging a very popular trend?  What about hash tagging something relevant so that people can find information?  It seems as if this "public post" rule will need further clarification as technology progresses.

However, it also seems to exclude public posts, which would be searchable in twitter, which are not specifically pointed towards anyone

Inherent Pitfalls in Social Networking Sites

Linkedin

Attorneys are not allowed to declare themselves experts in a field.  They can, however, be board certified.


When I signed into my linkedin account today (which is incredibly rare) I noticed that it was telling me that my profile was at 87% completeness.  It gave me a progress bar as an indicator, which had a yellow sickly look, and desperately itched to turn green and show a stick and two goose eggs next to the percent sign.

 I looked for the portion that was incomplete:

Now I remember why I left this part blank.  It says "Skills & Expertise."  The reason I include the screen capture of this is solely because it can be funny to lawyers who understand the logical use of the word AND and OR, not to mention the ampersand symbol.   The grayed out words in the middle say, "Enter your skill OR expertise."  Florida bar prohibits the use of the word expert, or expertise, to describe services but would most likely accept "skills."   Logically, if it is an "or" Statement, then it is either a skill or an expertise, or both.  The ampersand, standing for "and", means it is BOTH a skill and an expertise.  This is how it would be seen by the general public.  Therefore, I believe, that putting criminal law or any other words in this section is inherently unethical, unless an attorney wanted to add truly unrelated skills such as kung fu or linux administration.

Facebook

First, let me confess that I don't really "get" facebook.  I honestly don't know where features are within the interface, but this isn't from a lack of computer knowledge, it is instead from a lack of Facebook use.  The most intriguing part about Facebook to me is that it is cataloging a massive database of the human experience, ranging from the exciting exchange of new ideas and information, to what someone had for breakfast that morning.  This exchange of personal information and ideas will ultimately lead to great change.


My friends on Facebook rarely see any activity from me.  My personal Facebook is a mixture of random people that friend me, real friends, and people I friend-ed.  Sometimes, if I read an article about someone that is interesting and they have a Facebook, I will send them a friend request.


While I do make good attempts to keep a clean line between my personal time and my business time, I have never made such attempts when it comes to my personal facebook and my business facebook.  I have created a business page, but that is about as far as I got. 


Needless to say, writing a script that targets people who use the term DUI in a public post, or car accident, and then reaches out to message them on facebook regarding legal services, would be improper.   The technology of http://weknowwhatyouredoing.com/ could readily be applied to this unethical enterprise, to seek out people complaining about their daily lives.  Ambulance Chasing/Facebook chasing.  Potential search terms "Hospital" "wreck".  See Danny DeVito in "The Rainmaker"



Legalzoom

The legality of Legalzoom and Quicken Family Lawyer has been decided by a number of courts to not be an unlicensed practice of law.   Legalzoom and other form sites like it, following their success, they were emboldened to go even further, and offer attorney services directly from their website.  They have set up a buffer, in the form of an attorney referral company.

The form market is a big business.  The attorney market is a big business.  Companies like legalzoom have attorney Robert Shapiro pitching for them on TV, as a spokesperson.  Their website tries to make very clear that they are not attorneys.  They are more worried about sales of a form, than whether a form will fit a particular purpose.  There is no customization of a legalzoom form other than what they permit.   Rocketlawyer, falls to this same pitfall, as do most others.




SEO Ethical Issues

I readily admit to doing stupid word link based SEO on my own sites, where I am permitted to control the content.  On other blogs, if I posted a comment, I wouldn't even think of creating a link, except to my page, but not by including a search term.

On this blog, I have noticed many attorneys who hire SEO companies to make comments like (Thank you, this will really help with my legal research) and then sign it "houston criminal attorney".  I have traced the IP's back to China.  So, there are some attorneys out there who are hiring SEO Companies who are in turn hiring chinese citizens to write blog posts using fake names and creating links to help search engine optimization.  Based on some of the comments, and their lack of relevance to blog posts, these Chinese SEO subcontractors likely don't have even a rudimentary grasp of English.

Customer Reviews

I see some law firms with 30+ reviews on sites like google places and yelp.  I do not care what kind of success rate a person has, most people do not take the time out of their day to comment about the services their attorney is providing.  How many of these reviews were solicited?

Any attorney has always known that word of mouth is the most powerful tool for bringing in business.  As things progress, "Word of Mouth" will have less to do with what is spoken, and have more to do with what is typed or otherwise recorded online.

Avvo

Don't even get me started on avvo.  I don't think that they are doing anything directly unethical, but the "Rating" system is off kilter.  Then again, I think that the Martindale-Hubbell rating system is off kilter as well.  Some attorneys have no clout in a community, and are unknown by judges and other attorneys.  These people still have and serve clients.  The best thing that Avvo has done, it has all but destroyed what used to be an over simplistic monopoly.  It adds in, for at least some portion, client satisfaction.

"Martindale-Hubbell Peer Review Ratings were created in 1887 as an objective tool that would attest to a lawyer's ability and professional ethics, based on the confidential opinions of other lawyers and judges who have worked with the lawyers they are evaluating," said Mike Walsh, President and CEO, U.S. Legal Markets at LexisNexis.  - Quote lifted from http://www.donleylawpc.com/about.html 
And since I used his research, I will willingly plug him with one of those nasty links.  colorado springs probate attorney  I don't know him, but he seems like a good enough guy.  He's AV rated, so he must be right?
The way that the quote is worded,  it makes it seem like it was designed to help judges discuss whether a lawyer was able or ethical.  But let there be no mistake about it, Martindale-Hubbell Peer Review ratings were designed for the public, for the purposes of advertisement, and seem to me like they should be included in rule 4-7.2 's restriction on the characterization of services.

It also seemingly promotes the "good old boy" system where the losers and winners are picked from within the community, and not by the consumer.

A new commandment should be issued:
d) Thou shall not use a scale from one interval to another interval, to define the characteristics of an attorney.

Avvo is based on a game theory, to achieve the goal of a 10.0, or a level 15 contributor, and has many attorneys running around like hamsters in wheels.  The whole thing smacks of role playing.  "My attorney is a level 15 contributor to avvo with 40 hit points, 10exp and 1 magic."  I know you're thinking I'm a role playing geek right now, but I am proud to say I was thrown out of every role playing game I was ever asked to participate in.

The Solution

I see so many emerging websites and dangerous trends for attorneys on the web.  Some of these amount to very complicated profit splitting. None of them are truly adequate.

What is needed is a website where an attorney will be able to control his content, sell his own forms, and offer his own services for review, cutting out the middleman.  Advertising alone could be worth hundreds of thousands.  It could combine the best of all services, but provide for content from attorneys, allowing them to interface with the public and sell their own materials rather than reviewing a legalzoom contract or a rocketlawyer contract.

Preferrably one with a consumer only based rating system or none at all.  Rating the FORMS of an attorney should be much better than rating the CHARACTER of an attorney.

And now that I look back on the post, I am already a little wary of my Avvo rating slipping from negative commments, and Martindale-Hubbell not letting me be peer reviewed.











Friday, July 20, 2012

Building a Solo Office with a Megafirm Infrastructure and Low Overhead


Building a Solo Office with a Megafirm Infrastructure

The purpose of this article is to inform and inspire ideas in developing tools and techniques to reduce the overhead and maximize the infrastructure of solo legal and small firm practitioners.  



It was written two years ago, and I have adapted new technology, and massively improved this setup. I also didn't really take the time to edit this article for grammar or continuity.


But, this is what got me going in the beginning. I decided to stick some more information in places, like my change of Voip provider.

Many of the software tools discussed in this article are free and easy to use, and the rest are free or cheap and require a tech savvy background to properly deploy and administer.  All of the hardware discussed is intended to offer suggestions and to provide a real operating environment example.  


This is not a suggestion of hardware or services, but instead outlines solutions for creating low overhead within the law office. Much of the hardware was selected by the author solely because it was available or otherwise inexpensive.  


Total investment is around 4,000.00-5000.00 for two computers, a scanner, and a network printer.
Total conservative monthly overhead is around $250.00 or $300.00 for a firm with 3-5 people. ($200 for good internet and $50.00 for phones).


A web or cloud based accounting system, with low overhead, that follows all rules of trust accounting in all states, and allows for the printing of checks, does not exist at the time of this writing. No one has created a cloud based accounting system which would have lower overhead than a standard edition of quickbooks, and no one provides cloud invoicing which would allow you to specify whether a clients credit card payment was to be deposited into a trust account.


Another thing I would like to see is automatic scanning recognition and filing.  With the widespread adoption of e-filing and service of legal documents by e-mail, a potential piece of software could be made to automatically file documents into a directory structure.


Case styles (a.k.a. the thing at the top that makes a paper look like a legal pleading) are somewhat standardized. These could be indexed and automatically matched with incoming documents for party names and case numbers and counties and automatically arranged.

All PC’s operating in this environment are running a Microsoft OS, but the underlying infrastructure is heavily based on Linux based hardware.

I also assume that you are starting from scratch. Customized law firm software often provides a resistance to change. Database importation can be a pure headache.


Before You Even Have An Office

Practice Management Software

Do I use Pro-Law, Amicus Attorney, or Time Matters?  What about Google?

All practice management software should perform certain tasks including:  Conflict Checking, Calendaring, Contact Database, and keeping track of Client Matters and Files.  Any Gmail account from Google includes a calendaring system, and a Contact Database that can be used for conflict checking.  

The contact database is even more amazing, when you know you will also be placing most of your phone calls for free, all over the country, for very little overhead, and plenty of room for expansion, and potentially from anywhere in the world with an internet or WiFi connection.  Also, notes regarding phone calls, if answered and entered into the system, can be instantly shared between staff.

For most solo and small practitioners, a spreadsheet, placed into Google Docs, can be a File Management System.  Be sure to create a Client-File (1000-001) numbering system that makes sense, include the current status of the cases, and county case numbers.


Collaborative Gmail Account

Most solo and small firm practitioners have the same problem- the ability to share information quickly and freely with the one or two people they have backing them.  This model is essentially a secretary-boss type model, but here we can consider it to be a paralegal-attorney type model.  

This model is scalable, and can be used not only by solo practitioners, but also small practices who use a standard paralegal-attorney type model.  Not only team accounts can be used, but one master account could be used to link all the teams together.
The idea is to create a “team” or a collaborative Gmail account at http://mail.google.com.   For example, team1@gmail.com where team1 is an identifier.   This could theoretically be graham-lucy@gmail.com, or graham-secretary-lucy@gmail.com or whatever the team name would be.

After creating the new Gmail account, you can instantly enter in your contacts that you will share among the team.  Gmail can import from a wide variety of databases and allow you to share among them.

This collaborative Gmail account also gives you access to Google Voice, which you can use as a Phone Number for the Team.   Sign in and create a google voice account at http://voice.google.com/

A dedicated web browser is not needed, because you can just use the browser you are most comfortable with, however, I suggest using Google Chrome as a stand alone practice management tool.  You can set the default windows to open in Google Chrome to the following pages automatically:

Google Calendar, Google Docs, Google Voice  

You now have:
1) A calendar that can be shared, updated, and seen by anyone you wish that has a Gmail account.  
2) Calendars and Contacts that can automatically sync with an iPhone or other Exchange enabled device (Windows, Android, various Smartphones, iPad, iPod Touch, etc.) (You should Use the Exchange Method to sync calendars and contacts, not Imap or the built in Gmail account Settings, See http://www.google.com/support/mobile/bin/answer.py?hl=en&answer=138740)
     
3) A phone number that can be used solely as a contact for the team, or a main office number (for security and porting, your main office number should be a non-google voice number, forwarded to a google voice number).  
4) A log of all incoming calls on the Google Voice number with the ability to enter notes.
5) Transcription service of incoming voice mail messages.
6) The ability of the “team” to accept text messages to their Google Voice Number.
7) The ability to initiate calls directly from the web browser.
8) The ability to share a Google Doc spreadsheet which contains all your case numbers, client information, case status, etc.

After creating a team collaborative Gmail account, each user can create an individual Gmail account (i.e. syfert@gmail.com and lucy@gmail.com).  The collaborative Gmail account should be set up to forward all e-mail to the individual team members, so that Google Voice notifications, if desired, forward to all team members.   

Through using Google Voice features (Such as * to forward an incoming calls to Google Voice enabled phones, useful for forwarding after someone answers the call, 4 to record an incoming call, and the ability to transcribe and text voicemails to cell phones) you can effectively have an operational office, with a Paralegal-Attorney type scheme, all operating remotely from different locations.

Depending on your cell phone provider, your cell phone plan, and your Google voice setup, if you have unlimited calling to and from certain numbers, you can use Google voice to receive and to place all of your office calls for free, from your cell phone, without exposing your true cell phone number.

Fax Machine

I have struggled with many different fax services, and ideas for receiving faxes.  The best solutions are efax services.  They provide you a dial-in number which you can put down as your office fax number, and then they can e-mail to selected accounts.   

http://www.myfax.com/ is one such service that provides economical faxing for personal and small business, usually around $10-12 per month for 500 pages of faxing.  That’s one ream of faxing for $10.00 per month.  

You can set up your e-fax service to point to your collaborative Gmail account, and the fax will show up in lucy@gmail.com, grahamsyfert@gmail.com, as well as team1@gmail.com or graham-lucy@gmail.com, or whatever the collaborative gmail account is.   

Use of Google Talk Between Computer Workstations

Since both Attorney and Paralegal have Gmail accounts, it is only natural that they can communicate between computer workstations by using a text chat program.  If they are both working remotely, text communication between two computer workstations, can be used to inquire about availability to take an incoming call.   If the Attorney chooses to accept the call, the remote answering paralegal could hit * and then do an assisted transfer to the Attorney on the other end.

Google Talk is found embedded within the Gmail window and allows a user to send text messages to cell phones, and text messages to other Gmail users.  It also allows for video and voice conferencing between Attorney and Paralegal, if their workstations are so equipped.  

iPhones, iPads and iPods

After setting up and worrying with the attorney trust account, you of course wish to be able to accept credit cards.  There are many various methods of accepting credit cards, and a million people trying to sign you up for their merchant services.  

Deals are one thing, but convenience can be another.  Also, can I do credit card deposits to both my trust account and to my law firm operations account?

Using an iPhone or iPad, or iPod touch credit card solution is one way to accept credit cards, and all you need is access to WiFi.  Solutions for credit cards are available from Intuit to interface directly with your Quickbooks, and allow you to accept credit cards from your iPhone, iPad, or iPod Touch.  One potential solution to the credit card trust accounting dilemma was to sign up for two different merchant service accounts available through the iPhone.

In addition to being able to accept credit cards, iPhones, iPads and iPod Touches are useful for calendar and contact syncing with your collaborative Gmail account. http://www.google.com/support/mobile/bin/answer.py?hl=en&answer=138740

If setup correctly, when the paralegal makes a schedule change, or adds a phone number to a contact on her iPhone, the attorney’s iPhone contact is automatically updated with the changes the paralegal made.

Of course, you can use your iPhone with your Google Voice account by adding your mobile number to your Google Voice account.   It is also possible to use an iPad or an iPod Touch 4th Generation or later with your Google Voice account, with the iPad being akin to a high quality speaker phone.

Thanks to the iPhone and Google, your basic office infrastructure is in place, and you do not even have an office.  This gives you time in setting up your office that you might not otherwise have available, and saves you from being at the mercy of the phone and internet installer.  It also creates a nearly fool proof method of not missing incoming communication, if you have the right support base.


Building the Office

Most offices come equipped with cat5 ethernet cable, which allow for computers to be plugged in to each other using routers, hubs, and switches.  I cannot express enough the need and desirability of this method of network creation over Wifi.  Wifi is fast, and is reliable, and will likely improve by leaps and bounds over the upcoming years.

Regardless of that, nothing compares with not relying on WiFi, and so far, nothing is faster than actual wires.  Almost all headaches with internet, server disconnections, slow internet speed, etc., in an office environment, stems from use of WiFi.  That being said, for the devices such as the iPhone, iPad, and iPod touch, any office should have WiFi.

You have called your internet service provider, and they have provided you with a place to plug in a computer, or they have provided you with a place to plug in many computers, and sometimes a WiFi access point built in.  If you have been provided with a place to plug many computers, you might have an internet device which has a STATIC IP.   These devices are not preferred.  Tell your internet company that you prefer a DSL Modem or a Cable Modem, and not a DSL Router or Cable Router.  These devices usually have a DYNAMIC IP.   

For the purposes of ease of setup, a dynamic IP, with no ISP router, is preferred.

Selecting Your Network Router, Backbone, The Core, Etc.

The main device fueling your network and sending signals to all your computers and devices is the network router.  Rather than use the one provided by the ISP, you want to have one that passes the internet IP directly to the router and does not use a NAT (see above regarding ISP provided routers for multiple computers).  

Companies and firms can spend hundreds of thousands on these devices, and tens of thousands of dollars for certain features such as VPN or Virtual Private Network connections.

In consumer models, these features are not present, however, they usually do provide built-in Wifi support.

Luckily, there is no need for spending that much money to get a feature rich router.  
DD-WRT is a linux based firmware which is free and installs on many models of routers, and is also available pre-installed on a number of routers from Buffalo.

Information and devices supported regarding DD-WRT is available at:
http://www.dd-wrt.com/

I purchased a Buffalo WZR-HP-G300NH, with DD-WRT pre-installed for around $70 near the time of this writing.

Whether you are completely tech savvy, or not very tech savvy, purchasing a router that is running dd-wrt will save many headaches regarding connectivity issues.  Even if you have to pay a neighborhood kid to set it up, it is worth running to eliminate connectivity issues.

With DD-WRT you will be able to remotely connect to your service via VPN, if you configure it properly.

http://www.dd-wrt.com/wiki/index.php/VPN_%28the_easy_way%29_v24%2B

And, to make it easier to remember the IP address of your office system, and for the PBX you might want to install, you should configure a Dynamic DNS system in the DD-WRT router.


A Nearly Free Phone System

For someone looking at starting up a small firm or solo practice with multiple employees, the phone system is one of the most costly and biggest worries.  It is also the vein of your business and essential to client communication.   Adding a line for a new employee could be a rather large expense on a traditional telephony system.

Voice over IP telephony is the perfect solution to the telephone scalability issues.  And, incorporating your Google Voice account, you can purchase an IP telephone and for around $20 per month, have unlimited long distance and incoming calls and two lines.

A simple two line phone system can be created using IP telephones (i.e. Polycom 550, Polycom 300, Cisco SPA942) and signing up for an account with http://www.callcentric.com/ I

I now use SipStation for 24.99 a month, because you can add multiple numbers inexpensively and it helps with call routing.


You can program the Polycom 550, or any other IP phone, to interface with Callcentric, providing you with a local phone number that allows for unlimited dial-in for around $8.95 per month and dial out at 1 cent per minute.  However, if you use Google Voice to initiate your outgoing calls, Callcentric will see all those outgoing calls as incoming and will therefore be free.

With Free PBX, your Google voice account may be sufficient to allow each person to have their own account. However, you would need to ensure that the Google Voice account routed to their workstation is not the google voice account that they would use on a daily basis to check their e-mail.

iPhones, iPads, Computers, and iPod Touch 4th Generation devices can be used as telephone extensions using a variety of Voice over IP telephony programs.  iPads and iPod touches can be used directly with the Callcentric accounts using programs like Acrobits, http://www.acrobits.cz/, and Google Voice accounts using programs like Talkatone, http://www.talkatone.com/.  



A Nearly Free PBX Office Telephone System
(Advanced Computer Users Only)

Once you get comfortable configuring IP telephones for use with Callcentric, you may be willing to tackle the core of every large office communications hub.

PBX in a Flash is available for free download at http://pbxinaflash.com/

Installation of PBX in a flash is simple and straight forward, however, for documentation on configuration and installation, as well as scripts to allow for easy configuration, it would be suggested to head over to http://nerdvittles.com/ and look at their information on Incredible PBX.  http://nerdvittles.com/?p=712

Incredible PBX is an add-on to PBX in a Flash which contains scripts that allows for free outbound Google Voice dialing (you can use the Google Voice account you set up in the collaborative Gmail account).

For my small office, I purchased an Aspire Revo for $189.00, in accordance with the Nerd Vittles instructions, and installed Incredible PBX.  These machines now sell for $400.00 or more, but a wide variety of computers can handle FreePBX with ease.  While PBX in a Flash and Asterisk server administration are not for the faint of heart, once it is configured, it is hands off.  It will handle the Callcentric accounts that you setup for the Voice over IP office phones. (see freepbx, trixbox instructions at callcentric)    

The Callcentric accounts you created (or, “voice over ip phone lines”) or any other Voice over IP providers you wish to use can be added as trunks of the PBX system, and can allow for dial out, as well as dial-in ringing multiple phones at once, allowing for transfers, for individual voicemail, and just about any other feature you might want in a phone system, including things that you would never use in a solo/small firm situation.


Copy Machine

Having litigated a number of them, the last thing I wanted to do was sign a contract on a copy machine.  I did inherit one of those all in one flatbed copy machines with a sheet-fed scanner, but it was slow and bulky, so I needed a new solution.

My first purchase was a high speed sheet fed scanner.  And while I did not do all the shopping I could have, I purchased a Cannon ScanFront220 (roughly $1200.00) which I used to scan to my Gmail account and then I could print duplicates of the PDF on the all in one machine.

The next purchase was an HP LaserJet P3015.  The benefit of this particular model of printer, like many others, is that it accepts PDFs to be directly copied to the printer and then printed out.  The Cannon ScanFront220 was then setup to directly send PDFs to the printer, and so with the press of a button, one copy would pop out of my printer, and it was much faster than my all in one machine.  

Also, with the ScanFront220, I was able to simultaneously send a PDF copy to the server.  So, not only did I have an electronic record of every document I copied, if I needed multiple copies, I could simply open up the PDF and hit print and select the number of copies I wanted to print.  One scan, a key stroke and three clicks is as much work as a large copy job on a large professional machine.

File Server

Typically, all that is needed for a file server system is a shared folder that is accessible by many users.  If you have two or fewer users, a professional version of a Windows OS will allow multiple users to connect to a shared folder.

However, if you also want the ability to possibly be able to host your own website someday, you can go the next step and purchase a computer and install Ubuntu Linux or many other varieties.  http://www.ubuntu.com/

Like asterisk phone system administration, linux administration is also not done by the faint of heart.  However, the Ubuntu default interface is so user friendly, with the common tasks available (such as sharing a folder) through the GUI interface.  

Ubuntu was selected only because of the wealth of online documentation and howto’s that are available.

After the installation of Ubuntu, the program called Samba is what allows the server’s share to be seen by windows computers.

I have used multiple cloud backups with Ubuntu, to ensure that no data will be lost.   My current project is to incorporate those files into Google Drive and have a truly web based backend to all document editing.  It is ongoing, and I am awaiting google engineers to finish the google drive client for linux.

The biggest benefit behind a linux machine, is that any task you can dream for a server to do, can be accomplished with enough know how and effort.   However, the average user, just wants to make sure that the server is stable and can be used to share files.  Once the Linux machine is installed and available on the internet, freelance linux experts can be hired to do higher configuration, of webservers, domain name servers, and a variety of other services for which you would normally pay. I suggest



Web Server


Every office has an internet connection. Why pay hosting fees when you can host it yourself? Consider setting up an apache webserver on your linux machine.